Understanding Locks and Keys in Cryptography

Cryptography is both the lock and the combination (or key) that can be used to help protect your data. There are a variety of cryptographic methods and keys. Together, the method and the key determine cryptographic security.

From the author of

From the author of

We begin our explanation of cryptographic concepts with the help of two people
you'll get to know well in this book: Alice and Bob, a fictitious pair
often used for illustration in cryptography books. Alice and Bob's first
task is to illustrate the difference between method and key.

Locks and Combinations

Imagine that a master locksmith has designed a combination lock and published
the entire inner workings—the nuts and bolts of every mechanism in the
lock. Alice buys a lock and changes the combination. The design is so secure
that no one, not even the locksmith, can figure out the new combination. Of
course, this means that if Alice forgets the combination, no one can open the
lock without trying every combination or breaking the lock.

One lock design used to make many locks.

Further imagine that this one lock design is used to make many locks. Suppose
Bob also buys a lock and changes the combination. Just like the locksmith who
designed the lock, Alice has no clue how to figure out the combination on Bob's
or anyone else's lock. So Alice can't open Bob's lock, and Bob
can't open Alice's lock (see Figure
1-1).

Figure 1-1Alice's
and Bob's individual locks are only two of many instances of the identical
lock design.

Alice checks that her lock is secure against the force she believes an opponent
might use to open it and checks that the lock can't be opened by merely
pulling on the handle. She also wants to have confidence that it would take
an intruder a long time to try all the possible combinations. How long Alice
wants someone to have to try different combinations determines the kind of lock
she buys. If Alice's only concern is to protect her luggage against a nosy
baggage attendant, she needs a lock to stop someone for only a few minutes.
She might buy a lock with only a few possible combinations. On the other hand,
if Bob wants to protect his valuables at an athletic club, he needs a lock with
more possible combinations (see Figure
1-2).

Let's use the lock and key analogy to see how Alice could protect her
electronic possessions. Imagine that Alice has an envelope containing a secret
message and that her lock seals the envelope to keep others from opening it.
The message inside the envelope is readable if the correct combination opens
the lock. The message is unreadable if the lock is opened any other way, such
as breaking it with a hammer or a crowbar.

Cryptography is both the lock and the combination (or key). Just as there are
a variety of locks, there are a variety of cryptographic methods and keys (see
Figure 1-3). The
joining of the method and the key determines how secure Alice's secret
message is from an opponent who doesn't know the combination.

Strength of lock and number of possible combinations (keys)

Bob can use a lock with the same design as Alice's lock; many people know that the method is to turn right to number 1, left to number 2,
and finally right again to number 3. But it's Bob's individual
lock combination (his personal numbers 1, 2, and 3) that enables
his lock to secure his personal belongings and keeps Alice, or anyone
else without the lock combination, out. What matters most in securing Bob's
personal belongings is the strength of the lock and the number of possible combinations
or keys.

In the same way, the lock strength and the number of possible keys are critical
to securing Bob's and Alice's electronic communications. Alice and
Bob can use a cryptographic method or lock with the same design (as long as
it's a strong method) and still securely hide their personal messages from
a savvy opponent, or each other, because their individual cryptographic keys
are different. As long as there are enough possible keys to keep an opponent
busy trying them for a long time, Bob and Alice can feel somewhat secure that
the secrets in their messages won't fall into the wrong hands.

Figure 1-2Some
locks have very few possible combinations; others have many possible combinations.

Why is the number of possible secret keys one of the most important factors
about a secret key cryptographic method? It's obvious that a physical lock
with 10,000 possible combinations is much more secure than a lock with only
10 possible combinations. In cryptography, this has not always been true. In
the following chapters, you'll learn why.